This invention relates to a mechanism for controlling program attributes within a computer system, and is particularly, although not exclusively, concerned with a privilege control mechanism for a computer system.
Conventional privilege mechanisms operate on an all-or-nothing basis: either a process is in a privileged state, and has the ability to perform all restricted actions, or else it is in a non-privileged state, and cannot perform any of these actions. Other conventional privilege mechanisms provide finer granularity of privilege control by associating a set of privileges with each program that needs those privileges and can be trusted not to abuse them.
One object of the present invention is to improve on these conventional privilege mechanisms.